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COMMUNICATION APPARATUS, METHOD 
AND MEMORY MEDIUM THEREFOR 

BACKGROUND OF THE INVENTION 
5 Field of the Invention 

The present invention relates to a communication 
apparatus suitable for transferring the received secret 
data* 

Related Background Art 

10 Owing to the recent remarkable popularization of 

the internet, the facsimile device which has executed 
communication only through the public network is now 
becoming to be connected to a computer network such as 
a LAN (local area network). 

15 Such facsimile device adaptable to multi- lines, 

connectable to the public network and the LAN, upon 
receiving image data from another facsimile device 
through the public network, transfers such image data 
to a server computer through the LAN. 

20 The user acquires the image data by accessing to 

the server computer from a client computer. The 
acquired image data can displayed and viewed on a CRT 
by a predetermined viewer software. Otherwise the 
image data can be printed and observed by a printer 

25 connected to the client computer. 

In the facsimile communication, there is known a 
confidential function. In such function, the facsimile 
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apparatus does not inu-diately print the image rsceived 
under the designation of a confidential transmission 
but stores the image in a memory, and prints such image 
from the memory in response to the input of a 
s predetermined password. Thus the image can be viewed 
only by the user who Knows the confidential password. 

However, as the conventional facsimile device 
described above is not provided with a configuration 
for transferring the confidential image, the intended 
L0 recipient user of the confidential image has to go to 
t he location of such facsimile device and to have the 
confidential image to be printed by the entry of the 
password. 

15 SUMMARY OF THE INVENTION 

in consideration of the foregoing, an object of 
the present invention is to provide a communication 
apparatus capable of transferring the received 
confidential image to a predetermined destination while 
20 maintaining its confidential character, and a method 
and a memory medium therefor. 

Other objects of the present invention, and the 
features thereof, will become fully apparent from the 
following detailed description which is to be taken in 
25 conjunction with the accompanying drawings. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1 is a view showing the configuration of a 
communication apparatus constituting a first embodiment 
of the present invention^ y 
5 Fig. 2 is a view showing a network system in the 

first embodiment of the present invention ; 

Fig. 3 is a -friew chart showing the function of the 
communication apparatus of the first embodiment of the 

present invention; - cLof\- 
10 Fig . 4 is aXw-^har* showing the function of the 

A/ 

communication apparatus in a second embodiment of the 

present invention;^ tka,ft 

Fig. 5 is 3/t «^-6ba** showing the function of the 
communication apparatus in a third embodiment of the 
15 present invention; 

Fig. 6 is a view showing the data structure of a 
management table indicating the correspondence between 
sub- addresses and electronic mail addresses in the 
third embodiment of the present invention; 
20 Fig . 7 is a view showing the data structure of an 

address notebook in the third embodiment of the present 
invention; 

Fig. 8 is a view showing the configuration of a 
communication system in a sixth embodiment of the 
25 present invention; ^ ^ ^ 

Fig. 9 is a^erovr-e^&rk showing the function of the 
communication apparatus in a fourth embodiment of the 
present invention; 



Fig. 10 is f-iow_chairb showing the function of 
the communication apparatus in a fifth embodiment of 
the present invention; and , . 

Figs. 11 and 12 are ^w charts showing the 
function of the communication apparatus in a sixth 
embodiment of the present invention; 

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Now the present invention will be clarified in 
detail by preferred embodiments thereof, with reference 
to the accompanying drawings. 

Fig. 1 is a block diagram showing the 
configuration of a communication apparatus of the 
present invention, wherein shown are a CPU 101 for 
controlling the entire apparatus, f ROM 102 storing 
control programs to be executed by the CPU 101, and fL 
RAM 103 constituting a temporary storage area for the 
data. A part of the RAM is constructed as a non- 
volatile memory backed up by a battery or the like, and 
serving to store data to be retained even after the 
power supply of the apparatus is turned off, such as 
registration data and management tables required in the 
present embodiment. Such non-volatile memory may also 
be replaced by a hard disk. ^ 

There are also provided an^-EPe- 104 for data 
input/output with external circuits, an operation panel 
105 controlled by the PI0 104, a compression circuit 
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106 for compressing data, a decompression circuit 107 
for decompressing the data, a modulation circuit 108 
for converting data into an analog signal of audible 
range for transmission to a public network 202, a 
5 demodulation circuit 109 for demodulating the analog 
signal, received from the public network 202, into a 
digital signal, a MODEM 110 consisting of the 
modulation circuit 108 and the demodulation circuit 
109, an NCU 111 for connecting the present apparatus 
<5 10 with the public network 202, a LAN controller 112 

M relating to the protocol for transmitting the signal to 

J* the LAN, a LAN connection circuit 113 to be used for 

!= matching the level of the signal in the present 

ffL apparatus with that on the^-Netr; and a CPU bus 114 to be 

11 15 used for the control by the CPU 101. 

W Fig. 2 illustrates a network system to which the 

S3 communication apparatus 201 of the present invention is 

connected. Referring to Fig. 2, the communication 
apparatus 201 is connected to a public network 202 and 
20 a LAN 203. On the LAN 203, there are connected a 

server computer 205 to be used for example for storing 
the received image data, and a client computer 206 
capable of information exchange with the server 
computer 205. The server computer 205 is provided with 
25 e-mail server functions such as SMTP server function 

and POP server function, and is so constructed as to be 
capable of exchanging e-mail with the communication 
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apparatus 201, the client computer 206 and other 
unrepresented terminals. The communication apparatus 
201 and the client computer 206 are naturally provided 
with an e-mail client function. 

The communication apparatus 201 executes facsimile 
communication with the facsimile device 204 through the 
public network 202. 
[First embodiment] 

In a configuration where the communication 
apparatus 201 transmits image data received from the 
public network 202 to the server computer 205 for 
storage in a predetermined area, the first embodiment 
selectively executes the encryption of the image data 
according to whether the received image data represent 
15 a confidential image. 

in case the received image data represent a 
confidential image, the image data are encrypted by a 
predetermined method and stored thereby being rendered 
observable only by a specified user. Thus the received 
confidential image can be transferred while the 
confidentiality of the data are retained. 

In the following there will be explained the 
function of the communication apparatus ffi^^ff* 
present embodiment, with reference to a^^iow-ehOT* 
shown in Fig. 3. The sequence is started after the 
power supply to the communication apparatus 201 is 
turned on (step S301) and there is entered a state of 
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awaiting a call reception from the public network 202 
(step S302). If a call is made from the facsimile 
device 204 while the call reception is awaited, the 
call reaches and is received by the communication 
5 apparatus 201 through the public network 202^ When the 
call is detected by the CPU 101 and the NCU^ae*-, the 
call is established by the NCU 111. 

Then there is entered a phase B based on the ITU-T 
recommendation T.30 for executing a training for 
10 exchanging the information on communication ability and 
investigating the quality of the communication line 
(hereinafter represented as pre-communication). In the 
pre-communication (step S303), there are informed 
information such as the aforementioned sub-address (by 
15 SUB signal in ITU-T T.30), a password (by PWD signal in 
ITU-T TT.30) in case of a confidential image, a 
confidential box number^ etc. Such information are 
temporarily stored in the RAM 103 of the communication 
apparatus 201. 

20 After the pre-communication (step S303 ) , there is 

executed reception of image data (step S304). The 
image signal transmitted through the public network 202 
is fetched into the communication apparatus 201 through 
the NCU 111, then returned to the original image data 

25 through the demodulation circuit 109 of the MODEM 110 
and by the decompression circuit 107, and stored in a 
predetermined data format (which may be compressed 
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data) in the RAM 103 by the CPU 101. Such receiving 
operation is repeated until an end notice arrives from 
the transmitting side (step S305). 

After the reception of the image data, there is 
5 discriminated whether the image is a confidential image 
by reading the information stored in the aforementioned 
RAM 103 (step S306). This discrimination may be made 
by whether the aforementioned PWD signal is received, 
or by whether the use of the confidential function is 
" 10 designated on a protocol signal such as the NSS signal. 

\l in case the image data represent a confidential 

{J im age, the image data stored in the RAM 103 are read by 

^ S 2 th e CPU 101 and *tehe* encrypted (step S307). The 

communication apparatus 201 executes encryption by an 
\i 15 encryption key corresponding to the server computer 
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The encrypted image data are transmitted to the 
LAN controller 112, and to the LAN 203 through a LAN 
connection circuit 113, thereby transferring to the 
server computer 205 (step S308 ) . Also the CPU 101 
transmits the password and the confidentiality box 
number obtained in the pre-communication (step S303) to 
the server computer 205, whereupon the communication 
apparatus 201 terminates the sequence (step S409). 

in case the step S306 identifies that the image 
data do not represent a confidential image, the 
encrypting step S307 is skipped and the image data are 
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transferred without encryption to the server computer 
205 (step S308) whereupon the communication apparatus 
201 terminates the sequence (step S309). 

Upon receiving the image data transferred in the 
5 step S308, the server computer 205 stores such image 

data as a file in a memory area thereof and transmits a 
reception notice to the client computer 206 of a 
^ specified user based on the sub-address. Such notice 

is made for example by e-mail. 
O 10 In case the image data do not represent a 

lI confidential image, the user receiving the notice 

[l manipulates the client computer 206 for acquiring the 

"J image data addressed to the user from the server 

J\ computer 205 for example by downloading, thereby being 

{* 15 enabled to acquire the image data as visible 

W information, for example by display on the client 

P computer 206 with an image viewer application or by 

printing with an unrepresented printer device. 
On the other hand, in case the image data 
20 represent a confidential image so that the image data 
stored in the server computer 205 are encrypted, it is 
necessary to transmit a password corresponding to the 
confidentiality box number to the server computer 205 
when the client computer 206 downloads the image data 
25 from the server computer 205. Only in^ case -the. server 
computer 205 judges that the password is proper, it 
transmits the decrypted image data to enable viewing 
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thereof on the client computer 206. 
[Second embodiment] 

In a configuration where the communication 
apparatus 201 transmits image data received from the 
public network 202 to the server computer 205 for 
storage in a predetermined area, the second embodiment 
does not execute such storage but transfers the image 
data to the designated destination by e-mail in case 
the received image data represent a confidential image. 

in case the received image data represent a 
confidential image, the image data are directly e-mail 
transferred to the destination without storage in the 
memory of the server computer 205, whereby the received 
confidential image can be transferred while the 
confidentiality of the data are retained. 

In the following there will be explained the 
function of the communication apparatus ^ j?*/* 6 
present embodiment, with reference to 3/ ^iew-^her* 
shown in Fig. 4. As the process of steps S401 to S405 
have already been explained in the step S301 to S305 of 

the foregoing first embodiment, the sequence will be 

&f -pofiouJS -from 
explained ^ tho fo l lowing from a step S406. 

At first /there is discriminated whether the image 
data received in the step S405 represents a 
confidential image, by reading the information stored 
in the aforementioned RAM 103 (step S406), and, if a 
confidential image is represented, the CPU 101 reads 
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the image data stored in the RAM 103 and converts the 

image data into an image format (JPEG, GIJ etc.) 

developable by the client computer 206 (step S407). 

Then the CPU 101 specifies the client computer 206 at 

the address of transfer by the sub-address, and sends 

an e-mail (step S408). In this operation, the image 

data converted to the image format is attached to the 

e-mail, whereby ^eaJ^ad-i^ the delivery of the ^ ^ ^ 

confidential image to the specified user by e-mail^. 

After the transmission of the e-mail to which attached 

/Aid . . 

are the image data converted^**-** the image format, 

the communication apparatus 201 terminates the sequence 

(step S409K / 

!„ A <jilu^tSr£i06 identifies that the received 

image data do not represent a confidential image, the 

image data are transferred to the server computer 205 

(step S410) whereupon the communication apparatus 201 

^^^sequence (step S409 ) . The server 

computer 205 stores such image data as a file in a 

memory area thereof and transmits a reception notice to 

the client computer 206 of a specified user based on 

the sub-address. Such notice is made for example by e- 

mail. Upon receiving the notice, the user manipulates 

the client computer 206 for acquiring the image data 

addressed to the user from the server computer 205 for 

example by downloading, thereby being enabled to 

acquire the image data as visible information, for 
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example by display on the client computer 206 with an 
image viewer application or by printing with an 
unrepresented printer device. 
[Third embodiment] 

In transferring the received confidential image by 
e-mail, the third embodiment selectively executes 
encryption based on whether a public key of the 
destination of transfer is acquired. 

More specifically, in case the communication 

apparatus 201 has acquired the public key of the 

destination of transfer of the confidential image, the 

received image data are transferred by an e-mail 

^ uUct 

encrypted with such public key. In^case^^he- 
communication apparatus 201 has not acquired the public 
key of the destination of transfer of the confidential 
image, such confidential image is not transferred but 
is stored in a memory box managed by the communication 
apparatus 201, and an e-mail only describing that the 
received confidential image is stored in the memory box 
is transmitted to the destination of transfer. 

In the public key system, the encrypting key at 
the transmitting side is different from the decrypting 
key at the receiving side, in which one of the keys^ 
made public (public key) while the other is^<aa±»*a±ned- 
secret (secret key). The user, receiving a 
confidential image encrypted with his public key, can 
view the confidential image by decryption with the 
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secret key held by the user only. 

In this manner it is rendered possible to prevent 
unexpected disclosure of the confidential image without 
encryption onto the LAN, thereby maintaining the 
confidentially of the confidential image. 

Fig. 6 shows a management table held by the 
communication apparatus 201 and storing the 
correspondence between the sub-address data and the e- 
mail addresses of the destinations of transfer. The 
table stores the e-mail addresses of the destinations 
of data and the confidentiality box numbers for the sub-< 
a&Ze&ee data 601 in mutual correspondence. 

Fig. 7 shows, in the form of a table, the data 
structure of an address notebook in the e-mail client 
function of the communication apparatus 201. As shown 
in Fig. 7, for each address, there are shown a 
destination name 701, an e-mail address 702 and 
information 703 whether the public key of such 
destination is obtained. The public key data are 
acquired in advance from each destination through the 
LAN, or from a detachable memory medium by providing 
the communication apparatus 201 with a function of 
connecting a device capable of driving such memory 
medium. The acquired public key data are stored as 
file data, and the acquired public key data and the 
destination are correlated in the address notebook 
through a predetermined procedure. 
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Also in acquiring the public key, it is preferable 
also to confirm the appropriateness of the public key 
by receiving a certificate certifying that the public 
key is of the proper owner from a predetermined 
certifying organization and then to register the public 
key in the aforementioned address notebook. 

in the following, the present embodiment will be 
explained with reference to Figs. 6 and 7. 

At first, when the sub-address "0123" receives the 
designated image data from the public network 202, the 
e-mail address of the destination of transfer is 
converted into "aaa@xxx.xxx.com" based on the 
management table shown in Fig. 6, and the 
presence/absence of the public key is judged, based on 
the e-mail address of the destination of transfer in 
the address notebook shown in Fig. 7. 

In the example shown in Figs. 6 and 7, the 
confidential images designated for the sub-addresses 
"0123" and "8901" are respectively stored in the 
corresponding memory boxes "01" and "03" since the 
public keys are not acquired, and e-mails describing 
the storing confidentiality box number, the transmitter 
information and the time and date of reception as text 
data are transferred to the respective destinations 
- aaa@xxx . xxx . com" and "cccQxxx . xxx . com" . 

The confidential image designated for the sub-*^"^ 
add rocc "5678", for which the public key has been 
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acquired, is encrypted with such public key and is 
transferred to the destination "bbb@xxx.xxx.com". 
* Also in^ase^fehe- received image data do not 

represent a confidential image, the received image data 
5 are transferred by e-mail, without encryption, to the 
e-mail address of the destination corresponding to the 

y sub-address. jfaj^rf 

Fig. 5 is a Slew-che** showing the function of the 
communication apparatus 201 in the present embodiment. 
J! 10 As the process of steps S501 to S505 have already been 

^ explained in the step, S301 to S305 of the foregoing 

I! first embodiment, the sequence will be explained in the 

k i following from a step S506. 

= At firs t a step S506 discriminates whether the 

image data received in the step S504 represent a 
confidential image, and, if not, the sequence proceeds 
to a step S512 for transmitting an e-mail with the 
received image data as an attachment to the e-mail 
address of the destination corresponding to the sub-a^cy 
«addr_£SS- received in the step S503. 

A step S507 discriminates, based on the management 
table shown in Fig. 6 and the address notebook shown in 
Fig. 7, whether the public key is correlated with the 
e-mail address corresponding to the sub-address 
received in the step S503. If the public key is not 
correlated, the sequence proceeds to a step S510 for 
storing the received image data in a memory box 
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corresponding to the sub-address. Then a step S511 
transmits, to the e-mail address corresponding to the 
IPT sub-address, an e-mail describing, as text data, a 

message that the confidential image is stored in the 
5 memory box. An example of the message is "A 

confidential image is received in your memory box. 
Please come to receive it". 

The receiver of the confidential image, receiving 
the e-mail describing the above-mentioned message, 
visits the location of the communication apparatus 201 
and enters a password corresponding to the memory box 
from the operation panel 10, whereby the confidential 
image is outputted from the unrepresented printer. In 
this manner it is rendered possible to prevent 
unexpected disclosure of the confidential image without 
encryption onto the LAN, thereby maintaining the 
confidentiality of the confidential image. 

In^case x *££ step S507 identifies that the public 
key is correlated, the sequence proceeds to a step S508 
for encrypting the received image data with such public 
key, and then a step S509 transfers an e-mail with the 
confidential image encrypted in the step S509 . An 
example of the encrypting method based on the public 
key is RSA ( Rvert-Shamir-Adleman) system. 
25 The above-described process allows secure 

encryption in transferring the confidential image 
received from the public network through a LAN thereby 
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enabling to maintain the confidentiality of the 
confidential image. 

Among the encryption systems, there is also known 
a common key system, in addition to the aforementioned 
public key system- In such common key system, the 
encrypting key at the transmitting side is same as the 
decrypting key at the receiving side. The transmitting 
side executes transmission by encrypting the 
communication text (plaintext) by such encrypting key, 
and the receiving side decrypts the received text 
(encrypted text) with the same key. 

As the public key system generally requires a 
longer time in comparison with the common key system, 
because the encryption and the decryption are more 
15 complex, it is also possible to transfer data obtained 
by encrypting the confidential image by a common key 
generated by a predetermined algorithm and data 
obtained by encrypting such common key by the public 
key of the destination of transfer. An encryption 
system based on the common key is DES (data encryption 
standard) system. 
[Fourth embodiment] 

In the foregoing third embodiment, the receiver of 
the confidential image stored in the memory box in the 
25 step S510 is assumed to visit the communication 

apparatus 201 for obtaining the printed output. In the 
present embodiment, after the confidential image is 
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stored in the memory box, in response to the 
registration of the public key of the destination of 
transfer of the confidential image in the 
aforementioned address notebook, such confidential 
image is automatically encrypted with such public key 
and transferred to the destination. 

Consequently the receiver of the confidential 
image, without visiting the location of the 
communication apparatus 201, can acquire the 
confidential image stored in the memory box, by causing 
the system manager to register the public key or by 
sending the public key to the communication apparatus 
201 through the LAN 203. 

in the following, the function of the communication 

15 apparatus 201 in the present e ^ d ^ nt W±11 b<3 

explained with reference to ^^^^^ " ^ 
9, which is a modification of the A «^*^ of ^the 
third embodiment and in which any step of a'n'umber «a*e- 
as in the third embodiment has^'same content. In the 
following there will only be explained steps of which 
processes are different from the third embodiment. 

At first, after the process of the step S511 in 
Fig. 10, there is executed, at a predetermined 
interval, a process of discriminating whether the 
public key of the destination corresponding to the 
confidential image stored in the memory box is 
registered in the address notebook (a loop process 
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consisting of steps S1001 and S1002), and if the step 
S1001 detects the affirmative discrimination in such 
loop process, the sequence proceeds to a step S508 for 
transferring the confidential image with encryption by 
5 the registered public key. 

Also the message to be transmitted in the step 
S511 can be, for example, "A confidential image is 
received in your memory box. The confidential image 
Y will be encrypted and transmitted if you send^ your 

si 10 public key" . 

[Fifth embodiment] 
W The foregoing third embodiment does not execute 

S 2 the image transfer unless the public key of the 

J\ destination is acquired, but, in the present 

Jt 15 embodiment, the encrypted transfer is executed 

K depending on the security of the transfer path. More 

S3 specifically, in the transfer through the LAN 203, 

there is discriminated whether the public key of the 
destination of transfer is acquired or not only in case 
the security of the transfer path is not ensured, and, 
if the public key is discriminated to be present, the 
confidential image is encrypted and transferred, but, 
if absent, the confidential image is stored in the 
memory box and a message indicating such image storage 
alone is transmitted to the destination. Also in^case^ 
^ security of the transfer path is ensured, the 
confidential image is transferred to the destination 
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regardless whether the public key of the destination of 
transfer is acquired or not. 

In this manner, the process relating to the public 
key data can be dispersed x &h-eor the destinations 
within a domain with ensured security such as an 
intranet, whereby the process of registered data 
management in the communication apparatus 201 can be 
alleviated. 

In the following, the function of the communication 
apparatus 201 in the present e^^Jffffi wil1 be 
explained with reference to ^K^^^J^P ±n F±9 ' 
10, which is a modification of the ^lwohart of the 
third embodiment shown in Fig. 5, and in which any step 
of a^number «an» as in the third embodiment has the 
same content. In the following, there will only be 
J^L^l or which processes are different from 
the third embodiment. 

At first, if the step S506 identifies that the 
received image data represent a confidential image, the 
sequence proceeds to a step S1101. A step S1101 judges 
the security of the transfer path to the destination of 
transfer corresponding to the sub-eddress received in 
the step S503, and, if the transfer path is judged 
secure, the sequence proceeds to a step S512 for 
transferring the confidential image to the destination. 

On the other hand, if the transfer path is judged 
not secure, the sequence proceeds to a step S507 for 
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determining whether to transfer the confidential image 
or to store it in the memory box, according to the 
presence or absence of the public key. The judgment of 
the security of the transfer path in the step SI 101 can 
be made, for example, by the domain of the e-mail 
address of the communication apparatus 210 and the 
domain of the e-mail address of the destination of 
transfer. 

Such judgment will be explained in more detail 
with reference to Figs. 6 and 7. As explained in the 
foregoing, the communication apparatus 201 is provided 
with an e-mail client function, for example with an e- 
mail account "fax@xxx.xxx.com". 

Consequently, in the example of the address 
notebook data shown in Fig. 7, the destinations aaa, 
bbb and ccc are in the same domain "xxx.xxx.com" of the 
communication apparatus 201 while the destinations ddd 
and eee are in domains different from that of the 
communication apparatus 201. 

Therefore, for the destinations of transfer 
belonging to the domain of the communication apparatus 
201, the confidential image is transferred by the e- 
mail regardless whether the public key is registered in 
the address notebook. 

For the destination in a domain different from 
that of the communication apparatus 201, the transfer 
is executed according to whether the public key is 
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registered in the address notebook. More specifically, 
since the public key is not registered for the 
destination ddd, the confidential image for the 
destination ddd is stored in the memory box and the e- 
mail describing only a message indicating the storage 
of the confidential image in the memory box is 
transmitted to the destination ddd. Also as the public 
key is registered for the destination eee, the e-mail 
with the confidential image encrypted with the public 
key is transmitted to the destination eee. 

The domain name has a hierarchic layered structure 
punctuated by dots, and the judgment of a same domain 
by the coincidence of a number of hierarchic layers 
starting from the first layer "com" depends on the 
security policy of the network system. For example the 
transfer path may be Judged secure by the coincidence 
up to the second hierarchic layer "xxx.com". 

In the foregoing there has been explained the 
judgment based on the domain name, but the security may 
also be judged by whether the sublet of the IP address 
of the destination of transfer is within a 
predetermined sub-net. 
[Sixth embodiment] 

Certain public keys are rendered effective only 
during a period, in order to improve the security. The 
present embodiment ^ntiii^ such^ public key as wxll be 
explained in the following with reference to Fig. 11. 
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A jh^L shown in Fig. 11 is a modification of 
the ^tew-ch^o^ the third embodiment shown in Fig. 5, 
and any step of a* number -same- as in the third 
embodimentj^same the content. In the following, there 
will only b & *£xp££**** steps of which processes are 
different from the third embodiment. 

At first, if the step S506 identifies that the 
received image data represent a confidential image, a 
step S507 discriminates, based on the management table 
shown in Fig. 6 and the address notebook shown in Fig. 
7, whether the public key is correlated with the e-mail 
address corresponding to the sub-address received in 
the step S503. If the step S507 identifies that the 
public key is not correlated, a step S1201 
15 discriminates whether the public key is within an 

effective period. . i.p.. 

in the step S1201 A *ie»*±£fes that the public key 
is within the effective period, a step S508 encrypts 
the received image data with the public key, and a step 
S509 transmits an e-mail with thus encrypted 
confidential image. 

If the step S1201 identifies that the effective 
period of the public key has expired, a step S510 
stores the received image data in the memory box 
25 corresponding to the sub-address and a step S511 

transmits, to the e-mail address corresponding to the 
sub-address, an e-mail describing, as the text data, a 
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message that the confidential image is stored in the 
memory box. Such message can be, for example, 
"Effective period of the public key has expired. A 
confidential image is received in your memory box. 
5 Please come to receive it" . 

It is also possible, in response to the renewal of 
the effective period of the public key, to 
automatically encrypt the confidential image with such 
public key and transfer the encrypted image to the 
:2 10 destination. 

,1 The function of the communication apparatus in 

ii such case will be explained with reference to a^-f-iew- 

Ciiai* shown in Fig. 12, which is a modification of the 
^ * ^flow chart of the third embodiment, and in which any i 

\* 15 step of a.Aumtfer sa»^ as in the third embodiment hasj f 

Li same content. In the following there will only be 

£3 .oKplained steps of which processes are different from 

the third embodiment. 

At first, after the process of the step S511 in 
20 Fig. 12, a step S1304 executes, at a predetermined 
interval, a process of discriminating whether the 
effective period of the public key of the destination 
corresponding to the confidential image stored in the 
memory box is renewed (a loop process consisting of 
25 steps S1302 and S1303), and if the step S1302 detects 
the affirmative discrimination in such loop process, a 
step S1301 discriminates whether the renewed period is 
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effective. 

If the step S1301 identifies that the public key 
is within the effective period, a step S508 encrypts 
the received image data with such public key, and a 
step S509 transfers the encrypted confidential image by 
the e-mail. 

Also the message to be transmitted in the step 
S511 can be, for example, "The effective period of the 
public key has expired. A confidential image is 
received in your memory box. The confidential image 
will be encrypted and transmitted if you renew the 
effective period of your public key" . 

In the foregoing there has been explained a case 
of renewing the effective period of the public key, but 
it is also possible to encrypt and transfer the 
confidential image stored in the memory box in response 
to the new acquisition of a public key in the effective 
period from the destination of transfer. 
[Seventh embodiment] 

The foregoing embodiments have been explained by 
the function of a single equipment constructed as the 
communication apparatus, but the present invention may 
also be applied to a system consisting of plural 
equipment such as a personal computer, a modem, a 
scanner, a printer, etc. The configuration of such 
system will be briefly explained with reference to FL^. 
8. Referring to Fig. 8, a personal computer (PC^-ee* 



* 
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is connected to a scanner 801, a printer 803 and a 
modem 804 (which may be incorporated in the PC 802) 
through a predetermined interface. The PC 802 is also 
connected to a public network 202 through the modem 804 
and to a LAN 203 through an unrepresented LAN board. 

The interface connecting the PC 802 with the 
scanner 801, printer 803 and modem 804 may be a network 
interface through the LAN 203, but is preferably a 
local interface separated from the LAN 203, such as 
USB, in order to handle the secret data such as the 
confidential image. 

in the following there will be explained the 
receiving operation in this system. At first, a signal 
transmitted from the public network 202 is fetched into 
the modem -^through a NCU unit incorporated therein. 
The modem**!* demodulates the analog signal to restore 
the digital data. The digital data are read by a 
computer A ee¥ in which image data are restored by 
decompression of the compressed data and are supplied 
to a printer A »©8-, which prints the image data. 

If the received image data are confidential, the 
data are stored in a memory box of a hard disk device 
incorporated in the PC 802, and, according to the 
aforementioned third embodiment, the confidential image 
is transferred with encryption by the public key to 
the destination of which the public key is acquired 
while the e-mail indicating the reception of the 
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confidential image is transmitted to the destination of 
which the public key is not acquired. 

in the foregoing first to seventh embodiments, 
there has been explained a configuration in which the 
sub address received from the transmitting sxde ^ 
converted by the communication apparatus of the present 
invention into the e-mail address, but the e-mail 
address of the destination of transfer may be directly 
set in the sub-address from the transmitting side. 

Also in the foregoing embodiments, there has been 
explained a case of transferring the image data, 
received from the public network 202, to the client 
device on the LAN 203, but such configuration is not 
restrictive and there may be assumed a configuration in 
which the LAN 203 is connected to the internet through 
a predetermined access point and the image data 
received from the public network 202 is transferred 
through the internet. The present invention is 
suitable for the communication through the internet 
since the security is considered important in such 
communication . 

The present invention is also applicable to a case 
in which the image data received from the public 
network is transferred by dial-up connection to the 
access point of the internet from the public network. 

Also the present invention is naturally applicable 
to a case where the present invention is realized by 
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a program to a system or an apparatus, 
in such case, the objects of the present invention can 
be attained by a computer (PCU or MPU) of such system 
or apparatus, reading and executing the program codes 
stored in a memory medium and realizing the present 
invention. 

Also the present invention naturally includes a 
case where, in executing the read program codes by the 
computer, an OS (operating system) functioning on the 
computer executes a part of the processes. 



